From 85c11a8831ba9572813f122674b3680ae4d14010 Mon Sep 17 00:00:00 2001
From: Craig Mautner <cmautner@google.com>
Date: Thu, 17 Jul 2014 12:38:18 -0700
Subject: Restore calling identity before checking permission

Using the system service identity to check the CHANGE_CONFIGURATION
permission isn't likely to catch a security violation. Changing
back to the original caller and then checking permissions is
preferred.

Fixes bug 16215650.

Change-Id: Iff08d04422bcc052a487194154f1fd0d727d38f4
---
 services/core/java/com/android/server/am/ActivityStackSupervisor.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'services')

diff --git a/services/core/java/com/android/server/am/ActivityStackSupervisor.java b/services/core/java/com/android/server/am/ActivityStackSupervisor.java
index b0dfe4a..0310962 100644
--- a/services/core/java/com/android/server/am/ActivityStackSupervisor.java
+++ b/services/core/java/com/android/server/am/ActivityStackSupervisor.java
@@ -886,6 +886,8 @@ public final class ActivityStackSupervisor implements DisplayListener {
                     requestCode, callingPid, callingUid, callingPackage, startFlags, options,
                     componentSpecified, null, container);
 
+            Binder.restoreCallingIdentity(origId);
+
             if (stack.mConfigWillChange) {
                 // If the caller also wants to switch to a new configuration,
                 // do so now.  This allows a clean switch, as we are waiting
@@ -899,8 +901,6 @@ public final class ActivityStackSupervisor implements DisplayListener {
                 mService.updateConfigurationLocked(config, null, false, false);
             }
 
-            Binder.restoreCallingIdentity(origId);
-
             if (outResult != null) {
                 outResult.result = res;
                 if (res == ActivityManager.START_SUCCESS) {
-- 
cgit v1.1